Apparatus and method for authentication of computer-readable medium

ABSTRACT

An apparatus and method for authentication of a computer-readable medium ( 120 ) provides advantages of automating the authentication process, and further provides redundancy in processes that may be used by a customer for authentication. It enables downloading of files and/or licenses from a central server ( 104 ), and the local use of an authentication program running on the client ( 102 ), who reduces communications and processing demands on the server (104). Further advantages include the flexibility to customize the authentication approach by varying the local criteria checked during authentication. Accordingly, downloading and further copying and distribution of software or content is effectively controlled, making piracy and other unauthorized copying more difficult.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates in general to authentication in computersystems, and, more specifically, to authentication of acomputer-readable medium containing valuable informational content.

2. Description of the Related Technology

The software and entertainment industries have a strong interest inprotecting valuable business software and other types of software, suchas recreational game software, and music, movie and other entertainmentcontent from unauthorized copying and distribution. The widespread useof personal computers, Internet access, and portable devices such as MP3players has permitted extensive unauthorized distribution of softwareand entertainment content. As the software and entertainment industriesare increasingly using the Internet for distribution of software andcontent to businesses and consumers, it has become important to limitthis distribution to authorized customers who have properly paid for orotherwise are entitled to receive this software and content. Theproviding of software updates and additional entertainment content orrelated services through Internet distribution, for example as may beprovided under subscription-based distribution models, further increasesthe need to control distribution to authorized customers. Also,purchasers of software often desire to interact with other users ofcompatible software, for example Internet-based games software, and doso through a central server computer that enables this interaction.

Prior approaches to limiting distribution to authorized customers haveincluded efforts to authenticate the customer prior to permitting thecustomer to download software and/or entertainment content. Theseapproaches include establishing an Internet connection between a clientcomputer and a server computer and the manual entry of authenticatingdata by the user. Such authenticating data may include a passwordprovided by a software or content vendor at the time of sale or specifictext that is located by the user from a manual or other paper guideprovided as part of the customer's purchase. A limitation of thesemanual approaches is the manual effort required by the customer, whichmay find the locating of information in a manual or typing in of apassword more time-consuming or difficult than is offered in competingproducts. Thus, it would be desirable to have an authentication approachthat is automated and does not require manual action by the customer.

Another limitation of prior manual authentication approaches is thatthey are susceptible to piracy because the password or otherauthenticating data provided to an original customer may be copied anddistributed along with pirated copies of software or entertainmentcontent. More complicated manual approaches have required the enteringof additional authenticating data by the customer that varies with timeor other events associated with the customer's use of a purchasedcomputer product or on-line service, but such approaches only increasecustomer effort and frustration. It would be preferable for any use ofsuch additional authentication criteria to be automated and handledwithout additional customer interaction.

Yet another limitation of prior manual authentication approaches is thatthey do not provide a convenient alternative authentication approach ifthe primary authentication approach fails. The typical back-upalternative requires live communication with a vendor. It would bepreferred to have an automatic authentication approach with redundancythat permits at least a semi-automatic authentication approach in casethe primary approach fails.

Hence, there is a need for an authentication process for controllingdistribution of software and content to customers that is automated,provides redundancy, and permits more extensive checking of multipleauthentication criteria without additional manual involvement bycustomers.

SUMMARY OF THE INVENTION

Accordingly, it is an object of the invention to provide anauthentication process for controlling distribution of software andcontent to customers that is automated, provides redundancy, and permitsmore extensive checking of multiple authentication criteria withoutadditional manual involvement by customers.

In order to achieve the above and other objects of the invention, amethod of authenticating an article of digital media having a digitalwork provided thereon includes identifying criteria on the article ofdigital media; and comparing the criteria to corresponding criteria thatis know to be present on an original master version of the digital work.

These and various other advantages and features of novelty thatcharacterize the invention are pointed out with particularity in theclaims annexed hereto and forming a part hereof. However, for a betterunderstanding of the invention, its advantages, and the objects obtainedby its use, reference should be made to the drawings which form afurther part hereof, and to the accompanying descriptive matter, inwhich there is illustrated and described a preferred embodiment of theinvention.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block diagram illustrating a computer system forauthentication according to the present invention;

FIG. 2 illustrates the contents of a compact disc according to thepresent invention;

FIG. 3 is a process flow diagram illustrating a method forauthentication according to the present invention;

FIG. 4 is a process flow diagram illustrating an authentication processin the authentication method of FIG. 3;

FIG. 5 is a process flow diagram illustrating a local criteria checkingprocess in the authentication method of FIG. 4; and

FIG is a data flow diagram illustrating data streams between the clientcomputer and music server of FIG. 1.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT(S)

Referring now to the drawings, wherein like reference numerals designatecorresponding structure throughout the views, the present inventionprovides an apparatus and method for authenticating a computer-readablemedium such as, for example, a compact disc (CD) loaded into a clientcomputer (sometimes referred to herein as simply “client”), which is incommunication with a remote server computer (sometimes referred toherein as simply “server”). In particular, according to one aspect ofthe present invention, the authentication is accomplished using softwareand data stored on the CD itself in which the software is automaticallylaunched after insertion of the CD into a CD drive on the client andinvestigates one or more criteria associated with the CD and/or clientas part of the authentication process. After authentication of the CD,the server authorizes downloading of digital content identical to orrelated to the software or content on the CD or other related newinformation to the client.

Although the present invention is discussed below in the non-limitingexample of an audio CD, the present invention may generally be used withother types of digital storage media including, for example, CD-ROMs,CD-Rs, and DVDs. Further, the present invention is applicable in generalto the protection and control of the distribution of any type ofinformation that may be stored on a computer-readable medium such as,for example, software, data, music, and movies. Accordingly, the presentinvention extends to and is useful with these other media and types ofinformation.

FIG. 1 is a block diagram illustrating a computer system 100 forauthentication of a computer-readable medium, for example a compact disc116, according to the present invention. Computer system 100 includes aclient 102 and a music server 104 connected by a remote connection 106,for example a standard Internet connection. Client 102 has a centralprocessing unit (CPU) 108, a hard drive 112 coupled to CPU 108, and ahardware unit for reading the computer-readable medium, for examplecompact disc drive 110. Client 102 is, for example, an Intel-basedpersonal computer running the WINDOWS operating system from MicrosoftCorporation. One skilled in the art will recognize that numerous otherhardware platforms may also be used for client 102, Compact disc 116 istypically purchased by a customer in physical form in a compact discpackage 120, which includes compact disc 116 and collateral information118. Compact disc 116 is, for example, a multi-session compact dischaving standard audio tracks recorded in a first session and standarddigital data recorded in a second session. Compact disc 116 is read bycompact disc drive 110. The audio tracks may correspond, for example, tothe songs in an album produced by a music publisher. The types ofdigital data provided on compact disc 116 permit authentication ofcompact disc 116 according to the present invention as described in moredetail below. The digital data recorded in the second session mayadditionally include protected digital copies of the music content ofthe first session whereby such protected content may only be accessed bythe user's computer after authentication and subsequent downloading of adigital music file licenses 115 to access this digital music content.The digital file protection may be provided by any number of proprietaryor commercially available Digital Rights Management apparatuses such asMicrosoft's “Windows Media Rights Manager” (WMRM) or IBM's ElectronicMedia Management System (EMMS). According to the present invention, andif authentication of compact disc 116 has been achieved, digital musicfiles 114 are downloaded from music server 104, or copied from thecollateral information 118 stored on the second session of the compactdisc 116, to client 102 and, for example, stored on hard drive 112. Whencontent is downloaded, Server 104 selects music files 114 from a musiclibrary 122, which is a database of a large number of music files anddigital music file licenses 115 corresponding to, for example, musicalbums for different performing artists. Music library 122 may bemanaged by music server 104 or by a dedicated database server (notshown) using conventional techniques. When content is alternativelycopied from the collateral content 118 of the second session of thecompact disc 116 the music library is pre-determined once the compactdisc 116 is manufactured since the compact disc is a read-only storagemedium. According to the present invention, content may be transferredto the client computer 102 hard drive 112 by being downloaded from amusic server 104, copied from the collateral content 118, or through acombination of the two methods, but no data transfer may take placeprior to authentication of the compact disc 116 medium which is thesubject of the present invention

When compact disc 116 is inserted into drive 110, the authenticationaccording to the present invention is executed automatically, asdescribed in more detail below. Successful authentication of compactdisc 116 enables a customer to, for example, conveniently andautomatically obtain a digital version of a music album recorded oncompact disc 116.

According to the present invention, music files 114 downloaded fromserver 104, or copied directly from the compact disc collateralinformation 118, typically correspond one-to-one to the content in theaudio tracks of compact disc 116. Also, additional songs, for exampleperformed by the same artist, and/or other information or content suchas images and videos may be downloaded to client 102. In addition, musicfiles 114 may be updated versions of the same songs previously recordedonto compact disc 116. Further, in other embodiments, files 114 may besoftware or other content files corresponding, for example, to softwaredistributed on compact disc 116. In the case of software files, library122 may contain regularly updated versions of the corresponding softwareso that the user of client 102, when in physical possession of compactdisc 116, may periodically acquire updated versions of software. In yetother embodiments, other files may be stored in library 122 and/orcollateral information 118 and provided to client 102 to offer relatedservices to the purchaser of compact disc 116.

Standard audio compact disc players may be used to play the songs oncompact disc 116. Also, the purchaser of compact disc package 120 mayuse client 102 to make copies of digital music files 114 onto compatibleportable devices such as, for example, WMA and MP3 players. According tothe present invention, a publisher of the informational content, forexample music files, stored on compact disc 116 can better control useand distribution of the content on compact disc 116 by controlling apurchaser's ability to copy music files directly from compact disc 116to hard drive 112. If direct copying were permitted, then a purchasermay be able to create digital copies of, for example, songs on compactdisc 116 using so-called ripping software and then electronicallydistribute these copies without authorization to other persons. Incontrast, the present invention permits more control over distributionwhile still providing an authorized purchaser with convenience of use ofmusic content on multiple platforms.

One of the many available content control approaches may be used toprevent direct copying of files from compact disc 116 to hard drive 112.After authentication of compact disc 116, the purchaser is able toobtain music files 114. Copying and distribution of music files 114after download can be controlled using a standard digital rightsmanagement approach. Thus, a purchaser is able to play compact disc 116on standard audio players and to obtain digital files for use on thepurchaser's personal computer. Authentication of compact disc 116 is nowdiscussed in more detail below.

FIG. 2 illustrates the contents 200 of a computer-readable medium, forexample compact disc 116, according to the present invention. Asmentioned above, compact disc 116 is, for example, a multi-session disc.Music content 202 is stored in a first session and contains audio trackscorresponding, for example, to a music album and corresponding, asmentioned above, to digital music files 114. Several data files arestored in a second data session and are listed in a directory 204, whichis also stored in the second session. According to the presentinvention, the data files include a computer program 206, an identifierfile 208, an HTML file 210, an auto-run information file 212 and,optionally, protected versions of the music content 214.

Computer program 206 executes and controls the authentication methodaccording to the present invention, as discussed in greater detailbelow. Computer program 206 is programmed using, for example, the C++programming language. However, one skilled in the art will recognize inlight of the following description that many other types of programminglanguages may be used to implement program 206. Auto-run informationfile 212 provides the information necessary for automatically launchingcomputer program 206 when a user inserts compact disc 116 into drive110. The auto-run feature is implemented using a standard approach suchas, for example, available when using the WIDOWS 98 operating systemfrom Microsoft Corporation running on an Intel-based personal computer.One skilled in the arts will recognize that similar. auto-run approachescan be implemented for other platforms such as, for example, the Appleand Sun Microsystems computer platforms.

HTML file 210 provides text and images to provide a user withinformation that the user may manually access in the event that computerprogram 206 does not automatically launch after insertion into drive 110or remote connection 106 is not automatically established. Identifierfile 208 includes a content identifier 214 and a secret key 216. Contentidentifier 214 is sent to music server 104 and enables server 104 toselect music files 114 and/or digital music licenses 116 from musiclibrary 122 that correspond to compact disc 116. Secret key 216 is, forexample, an arbitrarily selected hexadecimal string and is used as partof the authentication process as described further below.

FIG. 3 is a process flow diagram illustrating a method forauthentication according to the present invention. The method isgenerally executed under the control of computer program 206. However,some portions of the method are initiated by the user of client 102 orcontrolled by server 104 as described below.

In step 300, the user loads compact disc 116 into drive 110. In step302, computer program 206 is automatically launched using the auto-runfeature defined by auto-run information file 212. In step 304, program206 attempts to establish remote connection 106. In step 306, ifconnection 106 is established, then authentication of compact disc 116is attempted in step 308.

If connection 106 is not established because program 206 fails tolaunch, then in step 318 the user attempts to manually connect to server104 as instructed by directions provided in collateral information 118.These directions, for example, direct the user to launch a standardbrowser program such as, for example, INTERNET EXPLORER from MicrosoftCorporation and connect to server 104 through remote connection 106,using a URL that the user is provided in collateral information 118.

HTML file 210 contains information that the user may manually accessusing directory 204. This information may, for example, contain similarinstructions regarding manual connection to server 104, including theappropriate URI,, as described above for collateral information 118.HTML may also contain other information of benefit to the user relatingto the software or content on compact disc 116.

If program 206 is successfully launched, but remote connection 106 isnot established due to a failure for some other reason, then in step 318 program 206 presents a pop-up informational window to the user thatdirects the user to manually attempt to establish remote connection 106,for example by the user's establishing a dial-up Internet connection,and to re-insert compact disc 116 into drive 110 so that program 206once again is launched and attempts to establish a connection to server104.

In step 320, after the user has connected to server 104, the userrequests authentication of compact disc 116, and server 104 attempts toinitiate authentication. In a first approach, server 104 attempts toremotely launch program 206 to perform authentication in step 308. In asecond approach, server 104 downloads and executes a standard CommonObject Model (COM) object, which substantially includes the sameauthentication functionality as program 206, to client 102 to performauthentication in step 308.

In step 322, if compact disc 116 can be accessed for authenticationpurposes by server 104 as described above, then the authenticationprocess of step 308 is performed. Thus, according to the presentinvention, redundancy as described above is provided for theauthentication method, which continues in step 308 in an automatedmanner.

In step 310, if authentication is successful, then in step 312 the useris permitted to download music files 114 and/or digital music filelicenses 116. Server 104 downloads an HTML web page to client 102, oralternatively directs client 102 to an HTML web page already stored withcompact disc collateral information 116, which is read by a standardbrowser component provided in program 206 and then displayed to theuser. The web page presents the song tracks or other files that may beselected for download or copying to the client computer. In step 312,one or more tracks may be selected by the user and then downloaded orcopied as music files 114.

In step 322, if compact disc 116 cannot be accessed, then in step 324server 104 requests that the user review collateral information 118 forspecific text content for manual entry into client 102 by the user. Instep 316, server 104 compares the manually-entered text with theoriginal text provided on collateral information 118. In an alternativeapproach, the user could manually obtain text from a file on compactdisc 116. If the text content provided matches the original text, thenin step 312 the user is permitted to obtain music files 114 as describedabove. If the user enters incorrect text, then in step 314 musicdownload and/or music license download is not permitted. The manualentry of authenticating text provides additional redundancy to theforegoing authentication methods.

FIG. 4 is a process flow diagram illustrating the authentication processof step 308 in FIG. 3. The process of FIG. 4 is controlled by program206. Specifically, in step 400, a secure communication session isestablished between client 102 and server 104 using, for example,standard encryption techniques. In step 402, client 102 requests asession key from server 104. In step 404, the session key is decryptedby client 102 and used by client 102 for identifying the session infurther communications with server 104.

In step 406, program 206 checks several local criteria associated withclient 102 and/or compact disc 116, as described further below. In step408, if any one or more of the local criteria are not successfullysatisfied, then in step 410 authentication fails. However, if allcriteria are satisfied, then in step 412 secret key 216 is encrypted andsent to server 104. In step 414, content identifier 214 is encrypted andsent to server 104. It should be noted that, in general, allcommunications between client 102 and server 104, including thedownloading of music files 114, are encrypted for increased security.

In step 416, server 104 decrypts secret key 216, and in step 418 checksto see if secret key 216 matches its original value as mastered ontocompact disc 116. If secret key 216 matches this value, thenauthentication is successful in step 422, and in step 424 contentidentifier 214 is used to select the appropriately corresponding musicfiles 114 for download to the user. If secret key 216 does not match,then authentication fails in step 420.

FIG. 5 is a process flow diagram illustrating the local criteriachecking process of step 406 in the authentication method of FIG. 4. Thelocal criteria are checked under the control of program 206. In step500, program 206 reads directory 204 and makes a standard operatingsystem call to determine if the device from which directory 204 is beingread is a removable-computer-readable-medium drive such as, for example,compact disc drive 110.

In step 502, if the current drive is aremovable-computer-readable-medium drive, then criteria checkingcontinues. Otherwise, the local criteria are not satisfied in step 514.If the current drive is not a removable-computer-readable-medium drive,then it is presumed that the current drive is an unauthorized drive suchas, for example, hard drive 112 onto which the user has made anunauthorized copy of compact disc 116.

In step 504, program 206 makes a standard device call, using for examplea standard Small Computer Serial Interface (SCSI)/Integrated DriveElectronics (IDE) command to drive 110, to determine the type of compactdisc media being read from drive 110. In one approach, compact disccontents 200 are checked for the presence of a so-called Absolute Timein Pre-Groove (ATIP) by issuing a “Read TOC/PMA/ATIP” command. An ATIPis associated with recordable compact discs (such as CD-Rs or CD-RWs)and is written onto a CD-R or CD-RW when recording content thereon.

Generally, the purchaser of compact disc package 120 is not authorizedto make a copy of music content 202 to a CD-R disc. It has been foundthat an ATIP is generally only absent if a compact disc has been pressedfrom a master. Accordingly, if the contents of the ATIP are returned bythis command, then it is presumed that the media is an unauthorized CD-Rdisc, and authentication fails. Specifically, in step 506 if an ATIP ispresent, then in step 514 criteria are not satisfied. If no ATIPinformation is returned, then this criterion is passed.

In other approaches step 504 could check other types of information fromcompact disc contents 200, such as information stored in the so-calledlead-in or lead-out area of either an audio or data session on compactdisc 116. This information may, for example, include informationregarding the version of software that is distributed on compact disc116 or that uniquely identifies the artist associated with compact disc116.

In step 508, certain content, for example text, is read from HTML file210 and compared to the originally mastered content. In step 510,program 206 reads the file size and time stamp for all files stored inthe data session on compact disc 116. In step 512, if the content, filesizes and time stamps all match the originally mastered values, thencriteria checking continues.

Otherwise, the local criteria are not satisfied in step 514.

In step 520, certain low-level content is read from compact disc 116 andinspected for known errors purposefully introduced during the masteringprocess. Ideally, such intentional errors should be made to sections ofthe compact disc 216 that can only be made dining the mastering process,that can be read by traditional compact disc readers, and that cannot bewritten by conventional compact disk writers (CD burners). For example,intentional errors may be introduced to the P and Q parity symbols inthe EMF frame and/or to the sync bits of the P-W sub-channels in thelead-in or lead-out area of any one or multiple sessions on the compactdisc 116. Optimally, such errors should be located in one of the lastblocks of the lead-out area of the last session since no essentialinformation is present in the lead-out area which will minimize anyunwanted side effects of a read error.

In step 522, these intentional errors are compared to the errors in theoriginally mastered content and if these errors substantially match theoriginally mastered values, then all criteria are satisfied in step 516.Otherwise, the local criteria are not satisfied in step 514. Asubstantial match is all that is required for this test since compactdisc degradation over time may cause certain errors to be indiscernibleand so, in the current embodiment, only a simple majority (51%) of sucherrors must match.

Although specific local criteria have been described above, it should beappreciated that according to the present invention numerouscombinations and types of other local criteria could also be checked. Instep 518, program 206 reads identifier file 208 to obtain secret key 216and content identifier 214 for sending to server 104.

FIG. 6 is a data flow diagram illustrating the primary data streamsbetween client 102 and music server 104. In data stream 600, client 102sends a request for a session key as described above. Then, in stream602, server 104 sends the session key in encrypted form.

If authentication as described above is successful, then in stream 604,client 102 sends secret key 216 and content identifier 214 in anencrypted form to server 104. In stream 606, in response server 104sends a web page that is displayed by program 206 and permits the userto customize the user's choice of music files 114 and music licenses 115for downloading from the music server 104 and/or copying from compactdisc 116. In stream 608, music files 114 and/or music licenses 115 aredownloaded to client 102.

In an alternative embodiment of the present invention authentication ofthe compact disc 116 may be accomplished solely through the execution ofcomputer program 206 without requiring access to the music server 104provided the criteria checking steps taken in FIG. 5 are reduced to onlythose tests which may be performed with knowledge in hand prior to themastering process. Accordingly, date and time stamp checking for allfiles on the compact disc 510 would have to be abandoned since program206 would have no a priori knowledge of the date and time these fileswould be created since, by definition, such information may only beobtained post-mastering and computer program 206 must be created priorto mastering.

By the foregoing description, a novel apparatus and method forauthentication of a computer-readable medium have been disclosed. Thepresent invention has the advantages of automating the authenticationprocess, providing redundancy in processes that may be used by acustomer for authentication to enable downloading of files and/orlicenses from a central server, and the local use of an authenticationprogram running on the client, which reduces communications andprocessing demands on the server. Further advantages include theflexibility to customize the authentication approach by varying thelocal criteria checked during authentication. By the use of theforegoing invention, downloading and further copying and distribution ofsoftware or content is controlled and piracy and other unauthorizedcopying is made more difficult.

It is to be understood, however, that even though numerouscharacteristics and advantages of the present invention have been setforth in the foregoing description, together with details of thestructure and function of the invention, the disclosure is illustrativeonly, and changes may be made in detail, especially in matters of shape,size and arrangement of parts within the principles of the invention tothe full extent indicated by the broad general meaning of the terms inwhich the appended claims are expressed.

1. A method of authenticating an article of digital media having adigital work provided thereon, comprising steps of: identifying criteriaon the article of digital media; and comparing the criteria tocorresponding criteria that is known to be present on an original masterversion of the digital work.
 2. A copy-protected digital storage medium,comprising: a digital storage medium; a digital work encoded on saiddigital storage medium; and a computer program also encoded on saiddigital storage medium, said computer program constructed and arrangedto be executable on a personal computer in order to thwart access tosaid digital work by said personal computer.
 3. A copy-protected digitalstorage medium according to claim 2, wherein said digital storage mediumis a compact disc.
 4. A copy-protected digital storage medium accordingto claim 3, wherein said digital work comprises an audio work containingaudio files.
 5. A copy-protected digital storage medium according toclaim 4, wherein said audio files are located on a first session of thecompact disc.
 6. A copy-protected digital storage medium according toclaim 5, wherein said computer program is located on a second session ofthe compact disc.
 7. A copy-protected digital storage medium accordingto claim 4, further comprising an auto-run information file on saidcompact disc.
 8. A copy-protected digital storage medium according toclaim 7, wherein said auto-run information file is configured toinstruct a personal computer to execute said computer program.
 9. Acopy-protected digital storage medium according to claim 1, furthercomprising an auto-run information file on said article of digitalmedia.
 10. A copy-protected digital storage medium according to claim 9,wherein said auto-run information file is configured to instruct apersonal computer to execute said computer program.
 11. A copy-protecteddigital storage medium according to claim 1, wherein said digitalstorage medium comprises a standard audio compact disc that is playableby a standard audio compact disc player.
 12. A copy-protected digitalstorage medium according to claim 11, wherein said computer program isconstructed and arranged so as not to interfere with playability of saidcompact disc in a standard audio compact disc player.
 13. Acopy-protected digital storage medium according to claim 1, wherein saidcomputer program is constructed and arranged to control a computeruser's ability to digitally extract the digital work from the digitalmedia.
 14. A copy-protected digital storage medium according to claim 1,wherein said computer program is constructed and arranged to inspectlow-level content from a hardware device that is provided on thepersonal computer for reading said digital media.
 15. A method ofoperating a personal computer, comprising steps of: connecting a digitalstorage medium bearing a digital work and a computer program to apersonal computer; and executing the computer program on the personalcomputer to thwart access to the digital work.
 16. A method of operatinga personal computer according to claim 15, wherein said digital storagemedium is a compact disc.
 17. A method of operating a personal computeraccording to claim 16, wherein said digital work comprises an audio workcontaining audio files.
 18. A method of operating a personal computeraccording to claim 17, wherein said audio files are located on a firstsession of the compact disc.
 19. A method of operating a personalcomputer according to claim 18, wherein said computer program is locatedon a second session of the compact disc.
 20. A method of operating apersonal computer according to claim 19, further comprising an auto-runinformation file on said compact disc.
 21. A method of operating apersonal computer according to claim 20, wherein said auto-runinformation file is configured to instruct a personal computer toexecute said computer program.
 22. A method of operating a personalcomputer according to claim 15, further comprising an auto-runinformation file on said article of digital media.
 23. A method ofoperating a personal computer according to claim 22, wherein said stepof executing the computer program comprises using said auto-runinformation file to instruct the personal computer to execute saidcomputer program.
 24. A method of operating a personal computeraccording to claim 15, wherein said digital storage medium comprises astandard audio compact disc that is playable by a standard audio compactdisc player.
 25. A method of operating a personal computer according toclaim 24, wherein said computer program is constructed and arranged soas not to interfere with playability of said compact disc in a standardaudio compact disc player.
 26. A method of operating a personal computeraccording to claim 15, wherein said step of executing the computerprogram comprises controlling a computer user's ability to digitallyextract the digital work from the digital media.
 27. A method ofoperating a personal computer according to claim 15, wherein said stepof executing the computer program comprises inspecting low-level contentfrom a hardware device that is provided on the personal computer forreading said digital media.